Need to store secrets in your nixos config gitrepo that declaritively manages everything for you? Try agenix today!
Add an entry to
secrets.nix with the name of the secret and the list of keys that can decrypt it
agenix -e <secret-name>.age to create the secret. It'll open a text editor to enter the secret value
In order to rekey secrets, you need to be able to decrypt them. You'll probably need to copy over the keys from all the various key files defined in
then you can run with agenix installed: